Re: chroots/jails in jails
On 7/9/13 8:42 PM, Hiroki Sato wrote:
> Julian Elischer <julian@freebsd.org> wrote
> in <51DC0054.2040703@freebsd.org>:
it occurs to me that the machine on which the jail is on is running 8.0
and maybe this was fixed since.. I guess I should have checked that first.
>
> ju> I'm making a build system for a project which creates a chroot in
> ju> which to do some of the building to avoid base-system contamination
> ju> (yeah I know lots of people do that).
> ju> the trick is that my test system is itself, a jail.
> ju> So I can not mount /dev in the chroot.
> ju>
> ju> I can not predict where a build will occur so I can not pre-mount the
> ju> devfs from outside the jail. (users may fire off builds in different
> ju> locations)
> ju>
> ju> Does anyone have any solution to this problem?
> ju>
> ju> We have hierarchical jails, but no way of allowing the parent jail to
> ju> give the child jail a devfs.
> ju>
> ju> Has anyone looked at what it would take to make devfs "jail friendly"?
> ju>
> ju> I'm guessing that the jail would have to get some devfs-rule parameter
> ju> and that mount_devfs or it's in-kernel parts would have to know what
> ju> to do..
> ju>
> ju> seems like there should be someone out there who has hit this.. (and
> ju> solved it?)
>
> Allowing to mount devfs inside hierarchical jails should work like
> the following:
>
> # jail -c allow.mount.devfs=1 allow.mount=1 enforce_statfs=1 children.max=10 path=/ name=j1 persist
> # jexec j1 /bin/tcsh
> # mkdir /tmp/dev1
> # mount -t devfs devfs /tmp/dev1
> # jail -c allow.mount.devfs=1 allow.mount=1 enforce_statfs=1 path=/ name=j2 persist
> # jexec j2 /bin/tcsh
> # mkdir /tmp/dev2
> # mount -t devfs devfs /tmp/dev2
>
> -- Hiroki
_______________________________________________
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
討論串 (同標題文章)